Guard against Zimbra
Zyxel_Forum_Admin
Posts: 125 Admin
CVE-2019-9670
Vulnerable versions: Zimbra 8.5 to 8.7.11
The mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability.
Impact:
This vulnerability could allow an attacker to achieve remote code execution (RCE) on an affected Zimbra system. The XML external entity vulnerability in the Autodiscover Servlet is used to read a Zimbra configuration file that contains an LDAP password for the Zimbra account. The Zimbra credentials are then used to obtain a user authentication cookie with an AuthRequest message. Using the user cookie, a server-side request forgery in the Proxy Servlet is used to proxy an AuthRequest with the Zimbra credentials to the admin port and retrieve an admin cookie. With the admin cookie, the Client Upload servlet is used to upload a JSP webshell, which can then be triggered from the web server to get command execution on the host.
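As an added defender-side example (not part of the Zyxel advisory or Zimbra's own code), the following Python script correlates the stages of the chain described above in web-server access log entries from one source address: an Autodiscover request, a Proxy Servlet request whose target points at the admin port, a Client Upload request, and a subsequent hit on a .jsp file. The log lines are constructed samples; the URI substrings, the admin port number (7071) and the ten-minute correlation window are assumptions that should be checked against the actual Zimbra deployment and log format before use.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample access-log lines (combined log format); not real traffic.
# The first source runs through all four stages; the second is a normal
# mail client that touches Autodiscover and one JSP page, which must not alert.
SAMPLE_LOG = """\
203.0.113.7 - - [21/Nov/2019:10:00:01 +0000] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 503 812 "-" "curl/7.64.0"
203.0.113.7 - - [21/Nov/2019:10:00:09 +0000] "POST /service/proxy?target=https://127.0.0.1:7071/service/admin/soap HTTP/1.1" 200 1402 "-" "curl/7.64.0"
203.0.113.7 - - [21/Nov/2019:10:00:15 +0000] "POST /service/extension/clientUploader/upload HTTP/1.1" 200 97 "-" "curl/7.64.0"
203.0.113.7 - - [21/Nov/2019:10:00:20 +0000] "GET /downloads/x.jsp HTTP/1.1" 200 55 "-" "curl/7.64.0"
198.51.100.4 - - [21/Nov/2019:10:01:00 +0000] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 200 640 "-" "Microsoft Office/16.0"
198.51.100.4 - - [21/Nov/2019:10:01:02 +0000] "GET /zimbra/public/someapp.jsp HTTP/1.1" 200 3102 "-" "Mozilla/5.0"
"""

# Combined-log-format fields we need: client IP, timestamp, method, URI, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)

# Assumed Zimbra admin port; adjust to the deployment being monitored.
ADMIN_PORT = "7071"

# Chain stages in the order the advisory describes them. The URI substrings are
# assumptions about servlet paths and must be verified against real logs.
STAGES = [
    ("xxe_autodiscover", lambda m, u, s: m == "POST" and "autodiscover" in u),
    ("ssrf_proxy_admin", lambda m, u, s: u.startswith("/service/proxy") and ADMIN_PORT in u),
    ("jsp_upload", lambda m, u, s: m == "POST" and "clientuploader" in u),
    ("jsp_trigger", lambda m, u, s: u.endswith(".jsp") and s == "200"),
]
STAGE_INDEX = {name: i for i, (name, _) in enumerate(STAGES)}


def parse_line(line):
    """Return (ip, timestamp, method, lower-cased uri, status) or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["method"], m["uri"].lower(), m["status"]


def classify(method, uri, status):
    """Map one request to a chain stage name, or None if it matches no stage."""
    for name, test in STAGES:
        if test(method, uri, status):
            return name
    return None


def detect_chain(log_text, window=timedelta(minutes=10), min_stages=3):
    """Alert on sources that hit at least min_stages distinct stages, in chain
    order, within the window. Single-stage hits (a real Outlook client using
    Autodiscover, a user opening a JSP page) do not alert on their own."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ip, ts, method, uri, status = rec
        stage = classify(method, uri, status)
        if stage:
            events[ip].append((ts, stage))

    alerts = []
    for ip, evs in events.items():
        evs.sort()
        seen = []      # distinct stages observed inside the sliding window
        alert = None
        for ts, stage in evs:
            seen = [(t, s) for t, s in seen if ts - t <= window]
            if all(s != stage for _, s in seen):
                seen.append((ts, stage))
            order = [STAGE_INDEX[s] for _, s in seen]
            if len(seen) >= min_stages and order == sorted(order):
                alert = {"source": ip, "stages": [s for _, s in seen],
                         "first": seen[0][0], "last": ts}
        if alert:
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for a in detect_chain(SAMPLE_LOG):
        print(f"{a['source']}: {' -> '.join(a['stages'])} "
              f"({a['first'].time()} to {a['last'].time()})")
```

Requiring the stages in order and within a short window is what keeps the benign Autodiscover traffic from mail clients out of the alert; a single .jsp hit or a lone Autodiscover POST is ordinary Zimbra usage, while a source that moves from Autodiscover through the proxy servlet to an upload and a fresh JSP in minutes matches the chain in this advisory.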
Mitigation (On Host Device):
- Zimbra customers running versions of 8.8 must upgrade to 8.8.10 Patch 7 or 8.8.11 Patch 3
- Zimbra customers running the long term support (LTS) version 8.7.11 must upgrade to 8.7.11 Patch 10
- Zimbra customers running 8.6 must upgrade to 8.6 Patch 13
Mitigation (On Network):
Zyxel ZyWALL USG/ATP series firewalls use their IDP (Intrusion Detection and Prevention) feature to block these network attacks.
Update to the latest version of the IDP signature set and then enable the IDP function to protect your hosts.
Revision history 2019-11-21: Initial release